Last month the U.S. Department of Justice (DOJ) announced the indictment of a Moroccan national for spoofing an NFT marketplace-website resulting in the theft of a Manhattan resident’s cryptocurrency investment of $450,000.
Unfortunately, we have seen this spoofing strategy before. In January of this year, it was reported that North Korea has become very proficient at doing the same.
In our January blog post, we extracted a list of actions from some of the reporting, which an NFT investor can take to minimize the risk of falling victim.
However, there was one item not mentioned on the list that caught my attention in the recent indictment:
The criminals often use “Sponsored” sites to reel their victims in.
Here is a quote from the DOJ press release:
“Through paid advertisements on a popular search engine, [the defendant] caused his spoofed version of the [NFT Marketplace] to appear first in search results for the [NFT Marketplace].”
And here is a quote from the indictment itself:
“To promote the spoofed OpenSea website and trick victims into using the spoofed site… the defendant, paid for sponsored links on a popular internet search engine (“Search Engine-I”). Accordingly, when users of Search Engine-I searched for “opensea,” the first search result would be a link to the spoofed website.”
As we all know, when we do a Google search, “Sponsored Ads” appear on the top of the first page.
Beware. The sponsored ads site could be a criminal impersonating a website for a legitimate product, service, or brand.
As the U.S. Attorney for the Southern District of New York stated in the press release:
“‘Spoofing’ is one of the oldest tricks in the criminal playbook.”
So, in addition to advising your clients and the public to consider the following recommendations to minimize the risk of being duped by phishing or impersonation schemes:
1. Verify websites’ legitimacy before entering personal information, such as your wallet address or private key. Look for official URLs and contact information.
2. Enable two-factor authentication (2FA) for your wallet and other accounts. 2FA is an extra layer of security that requires you to enter a code from a device, such as a smartphone, to access information.
3. Beware of emails that contain links or attachments from unknown senders. Don’t click on any suspicious links or enter your information on websites you’re unfamiliar with.
4. Use strong passwords and don’t reuse them across multiple accounts. It’s also a good idea to regularly change your passwords, especially if you suspect your account may have been compromised.
5. Avoid publicly sharing your wallet address. You should also avoid public Wi-Fi networks and use a VPN when possible.
6. Make sure to spot a phishing email by looking for spelling mistakes, poor grammar, and excessive use of punctuation marks like exclamation points.
Now, add to the list of recommendations:
7. Beware of “Sponsored” sites.
ADDITIONAL READING
IP Probe Blog – 1/6/23 — NFT Collectors Beware—North Korean Hackers are Phishing in Your Waters
IP Probe Blog – 5/14/22 — First US/DOJ—NFT “Rug Pull” Prosecution: Part 2 of 2
IP Probe Blog – 4/29/22 — First US/DOJ—NFT “Rug Pull” Prosecution: Part 1 of 2
Disclaimer: IPProbe.Global is a service to the professional IP community. While every effort has been made to check information in this blog, we provide no guarantees or warranties, express or implied, regarding the content provided in IPProbe.Global. We disclaim all liability and responsibility for the qualification or accuracy of representations made by the contributors or for any disputes that may arise. It is the responsibility of the readers to independently investigate and verify the credentials of such persons and the accuracy and validity of the information provided by them. This blog is for general information only and not intended to provide legal or other professional advice.
0 comments on “NFT Marketplace-Impersonations Lead to Cryptocurrency Theft”